I'm looking for hints about secure linux desktops. Securing servers is no problem. Most recent Software Updates, run only the services required etc. But what about desktops? I'm thinking about details ...

I am interested in potential/actual attacks against kiosk software.
I am not talking about physical access, or specifically designed kiosk operating systems or shells, bur rather software that runs ...

I've been told in the past that you should never give out the host names of computers on your network. I can't think of any reason why this would be the case.
Could someone tell me if they should be ...

The same-origin policy is one of the most important security feature in our browser.
It basically provides sandboxing for our applications which is protecting our users.
Desktop application can read ...

I have the following use case:
I want to write a desktop application that makes use of a third-party API (e.g. Dropbox)
This API requires an access_token to be sent to the server with each request.
...

If I want to use a GUI application with another user (example: webbrowser), I can copy the .Xauthority file to that given user's home then I can "su - user" and start the GUI app.
Question: but what ...

On a typical desktop (with no listening services such as Apache, SSH, ...) it seems to me, the browser is the most exposed application and a potential security compromise (and even more so with Java ...

I have a multitude of users that are requesting the ability to RDP from other workstations, on the same network, to their specific desktop computers. I would like to know what the risks of this are ...

I'm writing a daemon that monitors something in the OS and flips execution permissions on a file in /run/ back and forth. The file has static contents and the file name is hardcoded in the daemon. I ...

Suppose you have a GUI application, that potentionally may be too curious about your environment, such as the list of window titles.
How do I limit application's ability to enumerate windows, capture ...

Does Linux and Mac OSX have built-in Credential/Password Managers with API access like Windows has with its CredMan (CredWrite, etc). It would be preferrable if they could be used without the need to ...

I am developing an application that uses Shamir-based key splitting, and am looking at various products and am looking for a user-friendly, possibly dynamic graph that helps users build and manage key ...

Suppose we are in the field of desktop applications which need to store their data in a database. How do I store the password for this database avoiding the most obvious mistakes, which are:
1) hard ...